This paper describes a usable security experiment with xmail, a prototype that
enhances Gmail's webmail client security with end-to-end encryption making user content
unreadable by the service provider. The prototype follows a seamless and always-on
approach requiring minimal changes to the Gmail user interface and task flow. Many studies
have pointed out problems with email security usability, but they usually take an adversarial
context as reference. The focus of this work is on peacetime information disclosure with ...